Enabling Expired Password changes through Outlook Web App Posted on February 16, 2012 by dpejic This feature was introduced in Exchange Server 2007 SP3. It allows any new user with the setting User must change password at next logon to use OWA to change an expired password. Log on to the Client Access Server Click on Start, Run and type in regedit and click on OK Expand HKEY_LOCAL_Machine Expand System Expand CurrentControlSet Expand Services Click on MSExchange OWA Right-click on the right hand side pane, click on New and then DWORD (32 bit) value Let’s name the key ChangeExpiredPasswordEnabled and its value will be 1, as shown in Figure 03 Figure 03 After the changes, restart IIS using IISReset /noforce and start using the new feature. In order to do the test let’s create a new user. Make sure that the attribute change password at next logon is set and try to logon using OWA (Figure 04). Figure 04 Type in the username, current password and new password, then Outlook Web App will inform you that the new password was set and your user is good to go (Figure 05). Just need to click OK and use the new credentials to get access to Outlook Web App. Figure 05 I wrote this script for an Exchange Server 2007 SP3 article, but it can be used in Exchange Server 2010 SP1 as well. Make sure that you save the content below in a file with an extension .ps1. Run it from a PowerShell session and the script will add the ChangeExpiredPasswordEnabled registry change and restarts your IIS. Write-Host "Adding ChangeExpiredPasswordEnable key in the registry…" New-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\services\MSExchange OWA" -Name "ChangeExpiredPasswordEnabled" -Value 1 -PropertyType "DWord" Write-Host "Restarting IIS using /noforce option.." IISReset /noforce